In the recent past, numerous large language models (hereinafter “LLMs”) have emerged for use in
various fields. While these models can offer great benefits to the public, processing operations
associated with LLMs shall comply with the GDPR. It has to be noted that LLMs are trained and
enhanced using a huge amount of data, including personal data. Some of the most popular and widely known LLMs are those in the “GPT” category,
since it has been
the first consumer-facing model to be launched on 30 November 2022 through the ChatGPT service.
Several Supervisory Authorities (hereinafter “SAs”) have initiated data protection investigations
pursuant to Article 58(1)(a) and (b) GDPR against OpenAI OpCo, LLC (hereinafter “OpenAI”) as
controller for processing operations carried out in the context of the ChatGPT service. In the Plenary meeting of the EDPB on 16 January 2024, the decision was made to specify the mandate
of the task force and to publish a report, outlining the interim results of the ChatGPT TF. According to
this mandate, the taskforce shall:
• Exchange information between SAs on engagement with OpenAI and on-going enforcement
activities concerning ChatGPT.
• Facilitate coordination of external communication by SAs concerning enforcement activities in
the context of ChatGPT.
• Swiftly identify a list of issues on which a common approach is needed in the context of
different enforcement actions concerning ChatGPT by SAs.
Authors
- Published in
- Belgium